SANS Penetration Testing

This cheat sheet offers advice for creating a strong report as part of your penetration test, vulnerability assessment, or an information security audit. To print, use the one-sheet PDF version; you can also edit the Word version for you own needs. General Approach to Creating the Report Analyze the data collected during the assessment to … Continue reading Tips for Creating a Strong Cybersecurity Assessment Report

Some functions within penetration testing can be mundane and repetitive. To feed some life into these parts of the test, it can be fun and challenging to develop an automation script for these elements of an assessment. Furthermore, automating parts of a penetration test can help the output to be more consistent, reproducible, rigorous, and … Continue reading Web Application Scanning Automation

By Ron Bowes Sometimes reverse engineering is graceful and purposeful, where you thread the needle just right to figure out some obscure, undocumented function and how it can be used to the best of your ability. This article isn't about that. In this post, we'll look at how we can find hidden functionality by jumping … Continue reading Using gdb to Call Random Functions!

We are excited to introduce to you the new SANS Penetration Testing Educational Poster, "Pivots & Payloads Board Game"! It is a poster and a board game. How is it a board game? You can lay it down on a table, cut out the game pieces and game modifiers, use a dice to move … Continue reading SANS Pen Test Poster: Pivots Payloads Boardgame